Vulnerabilities > Microsoft > Internet Explorer
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2002-08-12 | CVE-2002-0461 | Unspecified vulnerability in Microsoft Internet Explorer 5.0.1/5.5/6.0 Internet Explorer 5.01 through 6 allows remote attackers to cause a denial of service (application crash) via Javascript in a web page that calls location.replace on itself, causing a loop. | 5.0 |
| 2002-07-03 | CVE-2002-0371 | Buffer overflow in gopher client for Microsoft Internet Explorer 5.1 through 6.0, Proxy Server 2.0, or ISA Server 2000 allows remote attackers to execute arbitrary code via a gopher:// URL that redirects the user to a real or simulated gopher server that sends a long response. | 7.5 |
| 2002-05-29 | CVE-2002-0269 | Unspecified vulnerability in Microsoft Internet Explorer Internet Explorer 5.x and 6 interprets an object as an HTML document even when its MIME Content-Type is text/plain, which could allow remote attackers to execute arbitrary script in documents that the user does not expect, possibly through web applications that use a text/plain type to prevent cross-site scripting attacks. | 7.5 |
| 2002-05-29 | CVE-2002-0242 | Unspecified vulnerability in Microsoft Internet Explorer Cross-site scripting vulnerability in Internet Explorer 6 earlier allows remote attackers to execute arbitrary script via an Extended HTML Form, whose output from the remote server is not properly cleansed. | 7.5 |
| 2002-05-29 | CVE-2002-0193 | Unspecified vulnerability in Microsoft Internet Explorer 5.0.1/6.0 Microsoft Internet Explorer 5.01 and 6.0 allow remote attackers to execute arbitrary code via malformed Content-Disposition and Content-Type header fields that cause the application for the spoofed file type to pass the file back to the operating system for handling rather than raise an error message, aka the first variant of the "Content Disposition" vulnerability. | 7.5 |
| 2002-05-29 | CVE-2002-0191 | Unspecified vulnerability in Microsoft Internet Explorer 5.01/5.5/6.0 Microsoft Internet Explorer 5.01, 5.5 and 6.0 allows remote attackers to view arbitrary files that contain the "{" character via script containing the cssText property of the stylesheet object, aka "Local Information Disclosure through HTML Object" vulnerability. | 5.0 |
| 2002-05-29 | CVE-2002-0190 | Unspecified vulnerability in Microsoft Internet Explorer 5.01/5.5/6.0 Microsoft Internet Explorer 5.01, 5.5 and 6.0 allows remote attackers to execute arbitrary code under fewer security restrictions via a malformed web page that requires NetBIOS connectivity, aka "Zone Spoofing through Malformed Web Page" vulnerability. | 7.5 |
| 2002-05-29 | CVE-2002-0189 | Unspecified vulnerability in Microsoft Internet Explorer 5.0/5.5/6.0 Cross-site scripting vulnerability in Internet Explorer 6.0 allows remote attackers to execute scripts in the Local Computer zone via a URL that exploits a local HTML resource file, aka the "Cross-Site Scripting in Local HTML Resource" vulnerability. | 7.5 |
| 2002-05-29 | CVE-2002-0188 | Unspecified vulnerability in Microsoft Internet Explorer 5.01/6.0 Microsoft Internet Explorer 5.01 and 6.0 allow remote attackers to execute arbitrary code via malformed Content-Disposition and Content-Type header fields that cause the application for the spoofed file type to pass the file back to the operating system for handling rather than raise an error message, aka the second variant of the "Content Disposition" vulnerability. | 7.5 |
| 2002-03-29 | CVE-2002-0078 | Unspecified vulnerability in Microsoft Internet Explorer 5.0.1/5.5/6.0 The zone determination function in Microsoft Internet Explorer 5.5 and 6.0 allows remote attackers to run scripts in the Local Computer zone by embedding the script in a cookie, aka the "Cookie-based Script Execution" vulnerability. | 7.5 |